<%

Response.Expires = 0
	
	if session("KeyTaxUser") <> "" then
		
		'validation to build the menu
		
		'leave these intact, as they are not to be declared in any pages that include the menu
			
			
		Dim sConnStr
		Dim objConnection
		Dim cn
		Dim cmd
			
		dim sShowUserMenu
		dim sShowFundMenu
		dim sShowEmpMenu
		dim sShowAdminMenu
		dim sShowAdminMenuResetPass
		dim sShowBulletinMenu
		dim sShowDirectiveMenu
			
		dim dllAllowedFunctions
			
		'user functions
		dim sAllowUserAdd
		dim sAllowUserList
		dim sAllowUserChange
			
		'fund functions
		dim sAllowFundAdd
		dim sAllowFundChange
			
		'employer functions
		dim sAllowEmpAdd
		dim sAllowEmpChange
		
		'admin access
		dim sAllowAdmin
		dim sAllowAdminResetPass
		
		'bulletin acces
		dim sAllowBulletin
		
		'directive access
		dim sAllowDirective
		
		dim sDontSendEmail
		dim sCancelDirective
		dim sDeleteRequest
		
		'Fikile(20100504) Added a new Enquiry Only Change
		dim sAllowEnquiryOnly
			
		Set dllAllowedFunctions = Server.CreateObject("KeyTax.clsUsers")
			
			'user functions
			sAllowUserAdd		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "ADD_USER")
			sAllowUserList		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "LIST_USER")
			sAllowUserChange	= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "MOD_USER")
			
			'fund functions
			sAllowFundAdd		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "ADD_FUND")
			sAllowFundChange	= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "MOD_FUND")
				
			'employer functions
			sAllowEmpAdd		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "ADD_EMP")
			sAllowEmpChange		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "MOD_EMP")
			
			'Shane: New code added 2002/12/23 to allow all security levels to see the directive dropdown menu, accept security users
			'bulletin access
			sAllowDirective		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "VIEW_DIR")
			
			'admin access
			sAllowAdmin			= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "ADMIN")
			'Shane: New code added on 2002/12/23 to give security user access only tp reseting user passwords
			sAllowAdminResetPass = dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "ADMIN_PASS")
			
			'bulletin access
			sAllowBulletin		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "MOD_BULLET")
			
			'Tina: 2004/02/26 - change for Esme to not allow users to send
			'emails when tracking directives
			sDontSendEmail		= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "DONTSEND")	
			
			'Tina: 2004/03/02 - change for Esme to not allow users to delete finalised directives
			sCancelDirective	= dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "DONTDELDIR")	
			
			sDeleteRequest = dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"), "DONTDELREQ")
			
			sAllowEnquiryOnly = dllAllowedFunctions.AllowedFunction(session("KeyTaxUser"),"QUERY_ONLY")	
				
		'clean up
		set dllAllowedFunctions = Nothing
			
		'check which menus must be displayed.
		
		'-------------------------------------------------------------------------
		'Johann Marx 06/09/2001
		'change to allow change user details functionality for all users 
			
		sAllowUserChange = "Y"
		
		'-------------------------------------------------------------------------
			
		if sAllowUserAdd = "Y" or sAllowUserList = "Y" or sAllowUserChange = "Y" then
			sShowUserMenu = "Y"
		end if
			
		if sAllowFundAdd = "Y" or sAllowFundChange = "Y" then
			sShowFundMenu = "Y"
		end if
			
		if sAllowEmpAdd = "Y" or sAllowEmpChange = "Y" then
			sShowEmpMenu = "Y"
		end if
		
		'Shane: New code added 2002/12/23 to give access to the directive dropdown menu to all users accept security users
		if sAllowDirective = "Y" then
			sShowDirectiveMenu = "Y"
		end if	
		
		if sAllowAdmin = "Y" then
			sShowAdminMenu = "Y"
		end if
		'Shane: New code added on 2002/12/23 to give security user access only to reseting user passwords
		if sAllowAdminResetPass = "Y" then
			sShowAdminMenuResetPass = "Y"
		end if
		
		if sAllowBulletin = "Y" then
			sShowBulletinMenu = "Y"
		end if	
		
		'Fikile(20100505): Added this check to give directive dropdown menu access to ENQUIRY ONLY users.
		if sAllowEnquiryOnly = "Y" then
			sShowDirectiveMenu = "Y"
		end if
			
		
dim sPageAddress
dim sAccessRedirect

sPageAddress = Request.ServerVariables("Path_Info")

if sPageSecLev <> "" then
	
	if sPageSecLev = "ADD_USER" and sAllowUserAdd <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "LIST_USER" and sAllowUserList <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "MOD_USER" and sAllowUserChange <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "ADD_FUND" and sAllowFundAdd <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "MOD_FUND" and sAllowFundChange <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "ADD_EMP" and sAllowEmpAdd <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "MOD_EMP" and sAllowEmpChange <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	'Shane: New code added 2002/12/23 to give access to the directive dropdown menu to all users accept security users
	if sPageSecLev = "VIEW_DIR" and sShowAdminMenu <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sPageSecLev = "ADMIN" and sShowAdminMenu <> "Y" then
		sAccessRedirect = "Y"
	end if	
	
	'Shane: New code added on 2002/12/23 to give security user access only tp reseting user passwords
	if sPageSecLev = "ADMIN_PASS" and sShowAdminMenu <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	
	if sPageSecLev = "MOD_BULLETIN" and sShowBulletinMenu <> "Y" then
		sAccessRedirect = "Y"
	end if
	
	if sAccessRedirect = "Y" then
		response.redirect "../errorhandling/noaccess.asp?sPageAddress=" & sPageAddress
	end if
end if

end if

%>